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| | Continuation Sheet Attached 
Brief Description of Argument to be Presented: 

Will discuss proposed amendments to claim 25 (regarding rejection of claim under 35 U.S.C. 101). 



Will discuss features in the application/claims and the applied Shapiro and Batten-Carew references. 
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IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 

In re application of: Confirmation No.: 8114 

KENRICH et al. Art Unit: 2436 

Appl. No.: 10/815,229 Examiner: Abedin, Shanto 

Filed: March 30, 2004 Atty. Docket: 2222.5490000 

For: Method and System for Providing 
Cryptographic Document Retention 
with Off-Line Access 

DRAFT 

Proposed Claim Amendments to be discussed during telephonic interview 

PROPOSED CLAIMS -FOR DISCUSSION PURPOSES ONLY— NOT TO BE 
ENTERED INTO FORMAL RECORD 

Proposed Amendments to the Claims 

1. (Currently amended) A method of providing automated document 
retention for an electronic document comprising: 

assigning a document retention policy to the electronic document, the document 
retention policy being derived from a recurring cut-off retention schedule specifying cut- 
off periods, each cut-off period having a respective document retention duration 
associated therewith and corresponding to a respective maximum off-line period of a 
client, wherein the maximum off-line period expires a predetermined period of time after 
a beginning of its cut-off period; and 

encrypting the electronic document using cryptographic keys associated with 
particular cut-off periods, associated retention durations, and corresponding maximum 
off-lin e periods, wherein the encrypting is based on the document retention policy such 
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that the electronic document can be cryptographically accessed only during retention 
durations and prior to the expiration of the maximum off-line period of the client. 

10. (Currently amended) A method of limiting access to an electronic 
document comprising: 

determining whether a cut-off period of a recurring cut-off retention schedule for 
a first document retention key has elapsed; 

generatin g, according to a predetermined schedule, a next document retention key 
having a do cument retention policy associated therewith, wherein the document retention 
policy specifies a docu ment retention duration that expires a predetermined period of 
time after a b eginning o f a next cut-o ff period, wherein the next document retention key 
isto be used to encrypt the electronic document during a next cut-off period, the aest 
dooumont r e t e ntion k e y having a document retention duration 
corresponding to a maximum off-line period of a client^ 

p e riod oxpires a predetermined poriod of time after a boginning of the noxt cut off 

notifying the client of the next document retention key, the electronic document 
being cryptographically accessible only during document retention durations and prior to 
the expiration of the maximum off-line period of the client using a cryptographic key 
associated wit h auoh durations particular cut-off p e riods, associated retention durations. 
and corresponding m aximum off-line periods . 



13. (Currently amended) A method for restricting access to an electronic 
document, said method comprising: 

2 Atty. Dkt. No. 2222.5490000 
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encrypting a data portion of the electronic document using a document key to 
produce an encrypted data portion; 

using a retention access key to associate a document retention policy with the 
electronic documen t, wherein the document retention p oli cy specifies the document 
retention duration that expires a predetermined r>er iod of time after a beginning of a cut- 
off period of a recurring cut-off retention schedule : 

encrypting the document key using the retention access key to produce an 
encrypted document key, the retention access key being usable for said encrypting during 
[[a]] the_cut-off period of a recurring cut-off retention schedule, the cut-off period having 
a document retention duration associated therewith and corresponding to a maximum 
off-line period of a client, wherein the maximum off-line period expires a predetermined 
period of time after a beginning of the cut-off period; 

forming a secured electronic document from at least the encrypted data portion 
and the encrypted document key; and 

storing the secured electronic document, the secured electronic document being 
cryptographically accessible only during the document retention duration and prior to the 
expiration of the maximum off-line period of the client. 

21, (Currently amended) A tangible computer-readable medium having 
ms tructipn s_5tored thereon, the instructions * m V "<™ mrnmtnHn w^w;,-^ thnt> if 
e x e cuted by a computing rimnnn, r.n,,^ tl™ ^ mv ^z ri r virn t o p o rform a me t hod 
comprising: 

i nstructions fo r assigning a document retention policy to an electronic document, 
the document retention policy being derived from a recurring cut-off retention schedule 

3 Atty. Dkt. No. 2222.5490000 
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specifying cut-off periods, each cut-off period having a respective document retention 
duration associated therewith and copending to a respective maximum off-hne period 
of a client, wherein the maximum off-line penod expires a predetermined period of time 
after a beginning of its cut-off period; and 

associated with particular cnt-off periods , assort ^ M w] 
corresponds maximum off-line periods, wherein th« ^ r ^ r hl , rf1 nn fl|| 
document retention policy such that the electronic document can be cryptographically 
accessed only during retention durations and prior to the expiration of the maximum off, 
line period of the client. 



25. (Currently amended) A eomptiteF-impJeHiented-file security system for 
restricting access to an electronic file, comprising; 
a computing device^ 

a module which if executed by [[ajjthe computing dWft B compute 
frnplmnnntnl fill uuluiUj J>S tem, causes the computing device to store a plurality of 
cryptographic key pairs on a computer-readable storage medium, each of the 
cryptographic key pair, including a public key and a private key, at least one of the 
cryptographic^^ 

document retention durations, each document retention duration havmg a respective cut 
off period associated therewith and corresponding to a respective maximum off-line 
period of a client, wherem the maximum offline penod expires a predetermined period 
of time after a beginning of its cut-off period; and 
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an access control management module which if executed by [ [a] ]the computing 

^^^^ m p ]m ^ m „ Lu um > ^ cauge$ ^ computing 

to: ; 

provide, for each particular cut-off period, a different one of the public keys of 
the at least one of the cryptographic keypairs, and 

determine whether the private key of the a. least one of the cryptographic key 
pairs pertaining ,„ the retention policy is permitted «, be provMed to . ^ ^ 

whether its respective document retention duration following a beginning of to 
respective cut-off period has expired, 

wherein the requestor requires the private key of the at least one of the 
CryptograpUckeypaircperteimngto^^ 

file, and wherein the secured electronic fi.e was previously secured using the public key ! 
ofmeatteastoneofmecrypfographiokeypaireperumingtomeretenrion 
fte.imethee.ecrionicmewassecured.thepuWiekeywaswiminiterespectivecut-off 
periodandavailableforuse.foesecur^elec^cdocnmen.beingcryp.ographicany 
accessible only during me retention dura.ions.and prior to me expiration ofmemaxmW 
off-line period of the client, 
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